package com.zl.hyzg.eureka.config;

import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@EnableWebSecurity
public class PlatformConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        //http.csrf().ignoringAntMatchers("/eureka/**");
        //链式调用
        http.csrf()
                .disable()
                .authorizeRequests()
                .mvcMatchers("/eureka/**")
                //直接把/eureka/**直接放行
                .permitAll()
                //把安全健康监测相关的接口直接放行
                .mvcMatchers("/actuator/**")
                .permitAll()
                //对于除了上面两种接口之外的其余请求,都必须进过认证
                .anyRequest()
                .authenticated()
                .and()
                //采用http basic的方式发起请求
                .httpBasic();
    }
}
